Replace SSL_IS_DTLS with SSL_is_dtls().

Garbage collect the now unused SSL_IS_DTLS macro. ok tb@
author: jsing <> 2020-10-14 16:57:33 +0000
committer: jsing <> 2020-10-14 16:57:33 +0000
commit: e60f5a8fe5ed7844d5dc6f1c9dbcf86fce1ae298 (patch)
tree: 78cf866b36bb0fdd2fbaafb054ed0c36fcef0747 /src/lib/libssl/ssl_clnt.c
parent: a94866305ad306011ef3cb3dade3f2c6c1c5dec0 (diff)
download: openbsd-e60f5a8fe5ed7844d5dc6f1c9dbcf86fce1ae298.tar.gz
openbsd-e60f5a8fe5ed7844d5dc6f1c9dbcf86fce1ae298.tar.bz2
openbsd-e60f5a8fe5ed7844d5dc6f1c9dbcf86fce1ae298.zip
1 files changed, 25 insertions, 25 deletions
diff --git a/src/lib/libssl/ssl_clnt.c b/src/lib/libssl/ssl_clnt.c
index 88b82c4400..4a6e8b06a8 100644
--- a/src/lib/libssl/ssl_clnt.c
+++ b/src/lib/libssl/ssl_clnt.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_clnt.c,v 1.75 2020/10/11 02:22:27 jsing Exp $ */
+/* $OpenBSD: ssl_clnt.c,v 1.76 2020/10/14 16:57:33 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -212,7 +212,7 @@ ssl3_connect(SSL *s)
                        if (cb != NULL)
                                cb(s, SSL_CB_HANDSHAKE_START, 1);
-                        if (SSL_IS_DTLS(s)) {
+                        if (SSL_is_dtls(s)) {
                                if ((s->version & 0xff00) != (DTLS1_VERSION & 0xff00)) {
                                        SSLerror(s, ERR_R_INTERNAL_ERROR);
                                        ret = -1;
@@ -253,7 +253,7 @@ ssl3_connect(SSL *s)
                        s->ctx->internal->stats.sess_connect++;
                        s->internal->init_num = 0;
-                        if (SSL_IS_DTLS(s)) {
+                        if (SSL_is_dtls(s)) {
                                /* mark client_random uninitialized */
                                memset(s->s3->client_random, 0,
                                    sizeof(s->s3->client_random));
@@ -266,7 +266,7 @@ ssl3_connect(SSL *s)
                case SSL3_ST_CW_CLNT_HELLO_B:
                        s->internal->shutdown = 0;
-                        if (SSL_IS_DTLS(s)) {
+                        if (SSL_is_dtls(s)) {
                                /* every DTLS ClientHello resets Finished MAC */
                                tls1_transcript_reset(s);
@@ -277,7 +277,7 @@ ssl3_connect(SSL *s)
                        if (ret <= 0)
                                goto end;
-                        if (SSL_IS_DTLS(s) && D1I(s)->send_cookie) {
+                        if (SSL_is_dtls(s) && D1I(s)->send_cookie) {
                                S3I(s)->hs.state = SSL3_ST_CW_FLUSH;
                                S3I(s)->hs.next_state = SSL3_ST_CR_SRVR_HELLO_A;
                        } else
@@ -299,7 +299,7 @@ ssl3_connect(SSL *s)
                        if (s->internal->hit) {
                                S3I(s)->hs.state = SSL3_ST_CR_FINISHED_A;
-                                if (!SSL_IS_DTLS(s)) {
+                                if (!SSL_is_dtls(s)) {
                                        if (s->internal->tlsext_ticket_expected) {
                                                /* receive renewed session ticket */
                                                S3I(s)->hs.state = SSL3_ST_CR_SESSION_TICKET_A;
@@ -308,7 +308,7 @@ ssl3_connect(SSL *s)
                                        /* No client certificate verification. */
                                        tls1_transcript_free(s);
                                }
-                        } else if (SSL_IS_DTLS(s)) {
+                        } else if (SSL_is_dtls(s)) {
                                S3I(s)->hs.state = DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A;
                        } else {
                                S3I(s)->hs.state = SSL3_ST_CR_CERT_A;
@@ -392,7 +392,7 @@ ssl3_connect(SSL *s)
                        ret = ssl3_get_server_done(s);
                        if (ret <= 0)
                                goto end;
-                        if (SSL_IS_DTLS(s))
+                        if (SSL_is_dtls(s))
                                dtls1_stop_timer(s);
                        if (S3I(s)->tmp.cert_req)
                                S3I(s)->hs.state = SSL3_ST_CW_CERT_A;
@@ -406,7 +406,7 @@ ssl3_connect(SSL *s)
                case SSL3_ST_CW_CERT_B:
                case SSL3_ST_CW_CERT_C:
                case SSL3_ST_CW_CERT_D:
-                        if (SSL_IS_DTLS(s))
+                        if (SSL_is_dtls(s))
                                dtls1_start_timer(s);
                        ret = ssl3_send_client_certificate(s);
                        if (ret <= 0)
@@ -417,7 +417,7 @@ ssl3_connect(SSL *s)
                case SSL3_ST_CW_KEY_EXCH_A:
                case SSL3_ST_CW_KEY_EXCH_B:
-                        if (SSL_IS_DTLS(s))
+                        if (SSL_is_dtls(s))
                                dtls1_start_timer(s);
                        ret = ssl3_send_client_key_exchange(s);
                        if (ret <= 0)
@@ -444,7 +444,7 @@ ssl3_connect(SSL *s)
                                S3I(s)->hs.state = SSL3_ST_CW_CHANGE_A;
                                S3I(s)->change_cipher_spec = 0;
                        }
-                        if (!SSL_IS_DTLS(s)) {
+                        if (!SSL_is_dtls(s)) {
                                if (s->s3->flags & TLS1_FLAGS_SKIP_CERT_VERIFY) {
                                        S3I(s)->hs.state = SSL3_ST_CW_CHANGE_A;
                                        S3I(s)->change_cipher_spec = 0;
@@ -456,7 +456,7 @@ ssl3_connect(SSL *s)
                case SSL3_ST_CW_CERT_VRFY_A:
                case SSL3_ST_CW_CERT_VRFY_B:
-                        if (SSL_IS_DTLS(s))
+                        if (SSL_is_dtls(s))
                                dtls1_start_timer(s);
                        ret = ssl3_send_client_verify(s);
                        if (ret <= 0)
@@ -468,7 +468,7 @@ ssl3_connect(SSL *s)
                case SSL3_ST_CW_CHANGE_A:
                case SSL3_ST_CW_CHANGE_B:
-                        if (SSL_IS_DTLS(s) && !s->internal->hit)
+                        if (SSL_is_dtls(s) && !s->internal->hit)
                                dtls1_start_timer(s);
                        ret = ssl3_send_change_cipher_spec(s,
                            SSL3_ST_CW_CHANGE_A, SSL3_ST_CW_CHANGE_B);
@@ -490,21 +490,21 @@ ssl3_connect(SSL *s)
                                goto end;
                        }
-                        if (SSL_IS_DTLS(s))
+                        if (SSL_is_dtls(s))
                                dtls1_reset_seq_numbers(s, SSL3_CC_WRITE);
                        break;
                case SSL3_ST_CW_FINISHED_A:
                case SSL3_ST_CW_FINISHED_B:
-                        if (SSL_IS_DTLS(s) && !s->internal->hit)
+                        if (SSL_is_dtls(s) && !s->internal->hit)
                                dtls1_start_timer(s);
                        ret = ssl3_send_finished(s, SSL3_ST_CW_FINISHED_A,
                            SSL3_ST_CW_FINISHED_B, TLS_MD_CLIENT_FINISH_CONST,
                            TLS_MD_CLIENT_FINISH_CONST_SIZE);
                        if (ret <= 0)
                                goto end;
-                        if (!SSL_IS_DTLS(s))
+                        if (!SSL_is_dtls(s))
                                s->s3->flags |= SSL3_FLAGS_CCS_OK;
                        S3I(s)->hs.state = SSL3_ST_CW_FLUSH;
@@ -543,7 +543,7 @@ ssl3_connect(SSL *s)
                case SSL3_ST_CR_FINISHED_A:
                case SSL3_ST_CR_FINISHED_B:
-                        if (SSL_IS_DTLS(s))
+                        if (SSL_is_dtls(s))
                                D1I(s)->change_cipher_spec_ok = 1;
                        else
                                s->s3->flags |= SSL3_FLAGS_CCS_OK;
@@ -551,7 +551,7 @@ ssl3_connect(SSL *s)
                            SSL3_ST_CR_FINISHED_B);
                        if (ret <= 0)
                                goto end;
-                        if (SSL_IS_DTLS(s))
+                        if (SSL_is_dtls(s))
                                dtls1_stop_timer(s);
                        if (s->internal->hit)
@@ -564,7 +564,7 @@ ssl3_connect(SSL *s)
                case SSL3_ST_CW_FLUSH:
                        s->internal->rwstate = SSL_WRITING;
                        if (BIO_flush(s->wbio) <= 0) {
-                                if (SSL_IS_DTLS(s)) {
+                                if (SSL_is_dtls(s)) {
                                        /* If the write error was fatal, stop trying */
                                        if (!BIO_should_retry(s->wbio)) {
                                                s->internal->rwstate = SSL_NOTHING;
@@ -588,7 +588,7 @@ ssl3_connect(SSL *s)
                                goto end;
                        }
-                        if (!SSL_IS_DTLS(s))
+                        if (!SSL_is_dtls(s))
                                ssl3_release_init_buffer(s);
                        ssl_free_wbio_buffer(s);
@@ -609,7 +609,7 @@ ssl3_connect(SSL *s)
                        if (cb != NULL)
                                cb(s, SSL_CB_HANDSHAKE_DONE, 1);
-                        if (SSL_IS_DTLS(s)) {
+                        if (SSL_is_dtls(s)) {
                                /* done with handshaking */
                                D1I(s)->handshake_read_seq = 0;
                                D1I(s)->next_handshake_write_seq = 0;
@@ -683,7 +683,7 @@ ssl3_send_client_hello(SSL *s)
                 * HelloVerifyRequest, we must retain the original client
                 * random value.
                 */
-                if (!SSL_IS_DTLS(s) || D1I(s)->send_cookie == 0)
+                if (!SSL_is_dtls(s) || D1I(s)->send_cookie == 0)
                        arc4random_buf(s->s3->client_random, SSL3_RANDOM_SIZE);
                if (!ssl3_handshake_msg_start(s, &cbb, &client_hello,
@@ -744,7 +744,7 @@ ssl3_send_client_hello(SSL *s)
                }
                /* DTLS Cookie. */
-                if (SSL_IS_DTLS(s)) {
+                if (SSL_is_dtls(s)) {
                        if (D1I(s)->cookie_len > sizeof(D1I(s)->cookie)) {
                                SSLerror(s, ERR_R_INTERNAL_ERROR);
                                goto err;
@@ -875,7 +875,7 @@ ssl3_get_server_hello(SSL *s)
        CBS_init(&cbs, s->internal->init_msg, n);
-        if (SSL_IS_DTLS(s)) {
+        if (SSL_is_dtls(s)) {
                if (S3I(s)->tmp.message_type == DTLS1_MT_HELLO_VERIFY_REQUEST) {
                        if (D1I(s)->send_cookie == 0) {
                                S3I(s)->tmp.reuse_message = 1;
@@ -926,7 +926,7 @@ ssl3_get_server_hello(SSL *s)
        if (!ssl_downgrade_max_version(s, &max_version))
                goto err;
-        if (!SSL_IS_DTLS(s) && max_version >= TLS1_2_VERSION &&
+        if (!SSL_is_dtls(s) && max_version >= TLS1_2_VERSION &&
            s->version < max_version) {
                /*
                 * RFC 8446 section 4.1.3. We must not downgrade if the server
author	jsing <>	2020-10-14 16:57:33 +0000
committer	jsing <>	2020-10-14 16:57:33 +0000
commit	e60f5a8fe5ed7844d5dc6f1c9dbcf86fce1ae298 (patch)
tree	78cf866b36bb0fdd2fbaafb054ed0c36fcef0747 /src/lib/libssl/ssl_clnt.c
parent	a94866305ad306011ef3cb3dade3f2c6c1c5dec0 (diff)
download	openbsd-e60f5a8fe5ed7844d5dc6f1c9dbcf86fce1ae298.tar.gz openbsd-e60f5a8fe5ed7844d5dc6f1c9dbcf86fce1ae298.tar.bz2 openbsd-e60f5a8fe5ed7844d5dc6f1c9dbcf86fce1ae298.zip

diff --git a/src/lib/libssl/ssl_clnt.c b/src/lib/libssl/ssl_clnt.c index 88b82c4400..4a6e8b06a8 100644 --- a/src/lib/libssl/ssl_clnt.c +++ b/src/lib/libssl/ssl_clnt.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: ssl_clnt.c,v 1.75 2020/10/11 02:22:27 jsing Exp $ */	1	/* $OpenBSD: ssl_clnt.c,v 1.76 2020/10/14 16:57:33 jsing Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -212,7 +212,7 @@ ssl3_connect(SSL *s)
212	if (cb != NULL)	212	if (cb != NULL)
213	cb(s, SSL_CB_HANDSHAKE_START, 1);	213	cb(s, SSL_CB_HANDSHAKE_START, 1);
214		214
215	if (SSL_IS_DTLS(s)) {	215	if (SSL_is_dtls(s)) {
216	if ((s->version & 0xff00) != (DTLS1_VERSION & 0xff00)) {	216	if ((s->version & 0xff00) != (DTLS1_VERSION & 0xff00)) {
217	SSLerror(s, ERR_R_INTERNAL_ERROR);	217	SSLerror(s, ERR_R_INTERNAL_ERROR);
218	ret = -1;	218	ret = -1;
@@ -253,7 +253,7 @@ ssl3_connect(SSL *s)
253	s->ctx->internal->stats.sess_connect++;	253	s->ctx->internal->stats.sess_connect++;
254	s->internal->init_num = 0;	254	s->internal->init_num = 0;
255		255
256	if (SSL_IS_DTLS(s)) {	256	if (SSL_is_dtls(s)) {
257	/* mark client_random uninitialized */	257	/* mark client_random uninitialized */
258	memset(s->s3->client_random, 0,	258	memset(s->s3->client_random, 0,
259	sizeof(s->s3->client_random));	259	sizeof(s->s3->client_random));
@@ -266,7 +266,7 @@ ssl3_connect(SSL *s)
266	case SSL3_ST_CW_CLNT_HELLO_B:	266	case SSL3_ST_CW_CLNT_HELLO_B:
267	s->internal->shutdown = 0;	267	s->internal->shutdown = 0;
268		268
269	if (SSL_IS_DTLS(s)) {	269	if (SSL_is_dtls(s)) {
270	/* every DTLS ClientHello resets Finished MAC */	270	/* every DTLS ClientHello resets Finished MAC */
271	tls1_transcript_reset(s);	271	tls1_transcript_reset(s);
272		272
@@ -277,7 +277,7 @@ ssl3_connect(SSL *s)
277	if (ret <= 0)	277	if (ret <= 0)
278	goto end;	278	goto end;
279		279
280	if (SSL_IS_DTLS(s) && D1I(s)->send_cookie) {	280	if (SSL_is_dtls(s) && D1I(s)->send_cookie) {
281	S3I(s)->hs.state = SSL3_ST_CW_FLUSH;	281	S3I(s)->hs.state = SSL3_ST_CW_FLUSH;
282	S3I(s)->hs.next_state = SSL3_ST_CR_SRVR_HELLO_A;	282	S3I(s)->hs.next_state = SSL3_ST_CR_SRVR_HELLO_A;
283	} else	283	} else
@@ -299,7 +299,7 @@ ssl3_connect(SSL *s)
299		299
300	if (s->internal->hit) {	300	if (s->internal->hit) {
301	S3I(s)->hs.state = SSL3_ST_CR_FINISHED_A;	301	S3I(s)->hs.state = SSL3_ST_CR_FINISHED_A;
302	if (!SSL_IS_DTLS(s)) {	302	if (!SSL_is_dtls(s)) {
303	if (s->internal->tlsext_ticket_expected) {	303	if (s->internal->tlsext_ticket_expected) {
304	/* receive renewed session ticket */	304	/* receive renewed session ticket */
305	S3I(s)->hs.state = SSL3_ST_CR_SESSION_TICKET_A;	305	S3I(s)->hs.state = SSL3_ST_CR_SESSION_TICKET_A;
@@ -308,7 +308,7 @@ ssl3_connect(SSL *s)
308	/* No client certificate verification. */	308	/* No client certificate verification. */
309	tls1_transcript_free(s);	309	tls1_transcript_free(s);
310	}	310	}
311	} else if (SSL_IS_DTLS(s)) {	311	} else if (SSL_is_dtls(s)) {
312	S3I(s)->hs.state = DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A;	312	S3I(s)->hs.state = DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A;
313	} else {	313	} else {
314	S3I(s)->hs.state = SSL3_ST_CR_CERT_A;	314	S3I(s)->hs.state = SSL3_ST_CR_CERT_A;
@@ -392,7 +392,7 @@ ssl3_connect(SSL *s)
392	ret = ssl3_get_server_done(s);	392	ret = ssl3_get_server_done(s);
393	if (ret <= 0)	393	if (ret <= 0)
394	goto end;	394	goto end;
395	if (SSL_IS_DTLS(s))	395	if (SSL_is_dtls(s))
396	dtls1_stop_timer(s);	396	dtls1_stop_timer(s);
397	if (S3I(s)->tmp.cert_req)	397	if (S3I(s)->tmp.cert_req)
398	S3I(s)->hs.state = SSL3_ST_CW_CERT_A;	398	S3I(s)->hs.state = SSL3_ST_CW_CERT_A;
@@ -406,7 +406,7 @@ ssl3_connect(SSL *s)
406	case SSL3_ST_CW_CERT_B:	406	case SSL3_ST_CW_CERT_B:
407	case SSL3_ST_CW_CERT_C:	407	case SSL3_ST_CW_CERT_C:
408	case SSL3_ST_CW_CERT_D:	408	case SSL3_ST_CW_CERT_D:
409	if (SSL_IS_DTLS(s))	409	if (SSL_is_dtls(s))
410	dtls1_start_timer(s);	410	dtls1_start_timer(s);
411	ret = ssl3_send_client_certificate(s);	411	ret = ssl3_send_client_certificate(s);
412	if (ret <= 0)	412	if (ret <= 0)
@@ -417,7 +417,7 @@ ssl3_connect(SSL *s)
417		417
418	case SSL3_ST_CW_KEY_EXCH_A:	418	case SSL3_ST_CW_KEY_EXCH_A:
419	case SSL3_ST_CW_KEY_EXCH_B:	419	case SSL3_ST_CW_KEY_EXCH_B:
420	if (SSL_IS_DTLS(s))	420	if (SSL_is_dtls(s))
421	dtls1_start_timer(s);	421	dtls1_start_timer(s);
422	ret = ssl3_send_client_key_exchange(s);	422	ret = ssl3_send_client_key_exchange(s);
423	if (ret <= 0)	423	if (ret <= 0)
@@ -444,7 +444,7 @@ ssl3_connect(SSL *s)
444	S3I(s)->hs.state = SSL3_ST_CW_CHANGE_A;	444	S3I(s)->hs.state = SSL3_ST_CW_CHANGE_A;
445	S3I(s)->change_cipher_spec = 0;	445	S3I(s)->change_cipher_spec = 0;
446	}	446	}
447	if (!SSL_IS_DTLS(s)) {	447	if (!SSL_is_dtls(s)) {
448	if (s->s3->flags & TLS1_FLAGS_SKIP_CERT_VERIFY) {	448	if (s->s3->flags & TLS1_FLAGS_SKIP_CERT_VERIFY) {
449	S3I(s)->hs.state = SSL3_ST_CW_CHANGE_A;	449	S3I(s)->hs.state = SSL3_ST_CW_CHANGE_A;
450	S3I(s)->change_cipher_spec = 0;	450	S3I(s)->change_cipher_spec = 0;
@@ -456,7 +456,7 @@ ssl3_connect(SSL *s)
456		456
457	case SSL3_ST_CW_CERT_VRFY_A:	457	case SSL3_ST_CW_CERT_VRFY_A:
458	case SSL3_ST_CW_CERT_VRFY_B:	458	case SSL3_ST_CW_CERT_VRFY_B:
459	if (SSL_IS_DTLS(s))	459	if (SSL_is_dtls(s))
460	dtls1_start_timer(s);	460	dtls1_start_timer(s);
461	ret = ssl3_send_client_verify(s);	461	ret = ssl3_send_client_verify(s);
462	if (ret <= 0)	462	if (ret <= 0)
@@ -468,7 +468,7 @@ ssl3_connect(SSL *s)
468		468
469	case SSL3_ST_CW_CHANGE_A:	469	case SSL3_ST_CW_CHANGE_A:
470	case SSL3_ST_CW_CHANGE_B:	470	case SSL3_ST_CW_CHANGE_B:
471	if (SSL_IS_DTLS(s) && !s->internal->hit)	471	if (SSL_is_dtls(s) && !s->internal->hit)
472	dtls1_start_timer(s);	472	dtls1_start_timer(s);
473	ret = ssl3_send_change_cipher_spec(s,	473	ret = ssl3_send_change_cipher_spec(s,
474	SSL3_ST_CW_CHANGE_A, SSL3_ST_CW_CHANGE_B);	474	SSL3_ST_CW_CHANGE_A, SSL3_ST_CW_CHANGE_B);
@@ -490,21 +490,21 @@ ssl3_connect(SSL *s)
490	goto end;	490	goto end;
491	}	491	}
492		492
493	if (SSL_IS_DTLS(s))	493	if (SSL_is_dtls(s))
494	dtls1_reset_seq_numbers(s, SSL3_CC_WRITE);	494	dtls1_reset_seq_numbers(s, SSL3_CC_WRITE);
495		495
496	break;	496	break;
497		497
498	case SSL3_ST_CW_FINISHED_A:	498	case SSL3_ST_CW_FINISHED_A:
499	case SSL3_ST_CW_FINISHED_B:	499	case SSL3_ST_CW_FINISHED_B:
500	if (SSL_IS_DTLS(s) && !s->internal->hit)	500	if (SSL_is_dtls(s) && !s->internal->hit)
501	dtls1_start_timer(s);	501	dtls1_start_timer(s);
502	ret = ssl3_send_finished(s, SSL3_ST_CW_FINISHED_A,	502	ret = ssl3_send_finished(s, SSL3_ST_CW_FINISHED_A,
503	SSL3_ST_CW_FINISHED_B, TLS_MD_CLIENT_FINISH_CONST,	503	SSL3_ST_CW_FINISHED_B, TLS_MD_CLIENT_FINISH_CONST,
504	TLS_MD_CLIENT_FINISH_CONST_SIZE);	504	TLS_MD_CLIENT_FINISH_CONST_SIZE);
505	if (ret <= 0)	505	if (ret <= 0)
506	goto end;	506	goto end;
507	if (!SSL_IS_DTLS(s))	507	if (!SSL_is_dtls(s))
508	s->s3->flags \|= SSL3_FLAGS_CCS_OK;	508	s->s3->flags \|= SSL3_FLAGS_CCS_OK;
509	S3I(s)->hs.state = SSL3_ST_CW_FLUSH;	509	S3I(s)->hs.state = SSL3_ST_CW_FLUSH;
510		510
@@ -543,7 +543,7 @@ ssl3_connect(SSL *s)
543		543
544	case SSL3_ST_CR_FINISHED_A:	544	case SSL3_ST_CR_FINISHED_A:
545	case SSL3_ST_CR_FINISHED_B:	545	case SSL3_ST_CR_FINISHED_B:
546	if (SSL_IS_DTLS(s))	546	if (SSL_is_dtls(s))
547	D1I(s)->change_cipher_spec_ok = 1;	547	D1I(s)->change_cipher_spec_ok = 1;
548	else	548	else
549	s->s3->flags \|= SSL3_FLAGS_CCS_OK;	549	s->s3->flags \|= SSL3_FLAGS_CCS_OK;
@@ -551,7 +551,7 @@ ssl3_connect(SSL *s)
551	SSL3_ST_CR_FINISHED_B);	551	SSL3_ST_CR_FINISHED_B);
552	if (ret <= 0)	552	if (ret <= 0)
553	goto end;	553	goto end;
554	if (SSL_IS_DTLS(s))	554	if (SSL_is_dtls(s))
555	dtls1_stop_timer(s);	555	dtls1_stop_timer(s);
556		556
557	if (s->internal->hit)	557	if (s->internal->hit)
@@ -564,7 +564,7 @@ ssl3_connect(SSL *s)
564	case SSL3_ST_CW_FLUSH:	564	case SSL3_ST_CW_FLUSH:
565	s->internal->rwstate = SSL_WRITING;	565	s->internal->rwstate = SSL_WRITING;
566	if (BIO_flush(s->wbio) <= 0) {	566	if (BIO_flush(s->wbio) <= 0) {
567	if (SSL_IS_DTLS(s)) {	567	if (SSL_is_dtls(s)) {
568	/* If the write error was fatal, stop trying */	568	/* If the write error was fatal, stop trying */
569	if (!BIO_should_retry(s->wbio)) {	569	if (!BIO_should_retry(s->wbio)) {
570	s->internal->rwstate = SSL_NOTHING;	570	s->internal->rwstate = SSL_NOTHING;
@@ -588,7 +588,7 @@ ssl3_connect(SSL *s)
588	goto end;	588	goto end;
589	}	589	}
590		590
591	if (!SSL_IS_DTLS(s))	591	if (!SSL_is_dtls(s))
592	ssl3_release_init_buffer(s);	592	ssl3_release_init_buffer(s);
593		593
594	ssl_free_wbio_buffer(s);	594	ssl_free_wbio_buffer(s);
@@ -609,7 +609,7 @@ ssl3_connect(SSL *s)
609	if (cb != NULL)	609	if (cb != NULL)
610	cb(s, SSL_CB_HANDSHAKE_DONE, 1);	610	cb(s, SSL_CB_HANDSHAKE_DONE, 1);
611		611
612	if (SSL_IS_DTLS(s)) {	612	if (SSL_is_dtls(s)) {
613	/* done with handshaking */	613	/* done with handshaking */
614	D1I(s)->handshake_read_seq = 0;	614	D1I(s)->handshake_read_seq = 0;
615	D1I(s)->next_handshake_write_seq = 0;	615	D1I(s)->next_handshake_write_seq = 0;
@@ -683,7 +683,7 @@ ssl3_send_client_hello(SSL *s)
683	* HelloVerifyRequest, we must retain the original client	683	* HelloVerifyRequest, we must retain the original client
684	* random value.	684	* random value.
685	*/	685	*/
686	if (!SSL_IS_DTLS(s) \|\| D1I(s)->send_cookie == 0)	686	if (!SSL_is_dtls(s) \|\| D1I(s)->send_cookie == 0)
687	arc4random_buf(s->s3->client_random, SSL3_RANDOM_SIZE);	687	arc4random_buf(s->s3->client_random, SSL3_RANDOM_SIZE);
688		688
689	if (!ssl3_handshake_msg_start(s, &cbb, &client_hello,	689	if (!ssl3_handshake_msg_start(s, &cbb, &client_hello,
@@ -744,7 +744,7 @@ ssl3_send_client_hello(SSL *s)
744	}	744	}
745		745
746	/* DTLS Cookie. */	746	/* DTLS Cookie. */
747	if (SSL_IS_DTLS(s)) {	747	if (SSL_is_dtls(s)) {
748	if (D1I(s)->cookie_len > sizeof(D1I(s)->cookie)) {	748	if (D1I(s)->cookie_len > sizeof(D1I(s)->cookie)) {
749	SSLerror(s, ERR_R_INTERNAL_ERROR);	749	SSLerror(s, ERR_R_INTERNAL_ERROR);
750	goto err;	750	goto err;
@@ -875,7 +875,7 @@ ssl3_get_server_hello(SSL *s)
875		875
876	CBS_init(&cbs, s->internal->init_msg, n);	876	CBS_init(&cbs, s->internal->init_msg, n);
877		877
878	if (SSL_IS_DTLS(s)) {	878	if (SSL_is_dtls(s)) {
879	if (S3I(s)->tmp.message_type == DTLS1_MT_HELLO_VERIFY_REQUEST) {	879	if (S3I(s)->tmp.message_type == DTLS1_MT_HELLO_VERIFY_REQUEST) {
880	if (D1I(s)->send_cookie == 0) {	880	if (D1I(s)->send_cookie == 0) {
881	S3I(s)->tmp.reuse_message = 1;	881	S3I(s)->tmp.reuse_message = 1;
@@ -926,7 +926,7 @@ ssl3_get_server_hello(SSL *s)
926		926
927	if (!ssl_downgrade_max_version(s, &max_version))	927	if (!ssl_downgrade_max_version(s, &max_version))
928	goto err;	928	goto err;
929	if (!SSL_IS_DTLS(s) && max_version >= TLS1_2_VERSION &&	929	if (!SSL_is_dtls(s) && max_version >= TLS1_2_VERSION &&
930	s->version < max_version) {	930	s->version < max_version) {
931	/*	931	/*
932	* RFC 8446 section 4.1.3. We must not downgrade if the server	932	* RFC 8446 section 4.1.3. We must not downgrade if the server